Categorygithub.com/eaglesakura/go-secure-backend
modulepackage
0.3.2
Repository: https://github.com/eaglesakura/go-secure-backend.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
24
Dependents
0
Files
776 SLOC

# README

go-secure-backend

Enable API

IAM settings.

You need attach roles to your service account.

  • for Firebase Auth token verify.
    • Firebase Admin SDK Administrator Service Agent
    • Service Account Token Creator
  • for API Key verify.
    • Service Controller

Firebase Auth token verifier

var securityContext SecurityContext

func HandleHttp(w http.ResponseWriter, r *http.Request) {
    authToken := // get Firebase Token from request.

    parsedToken, err := securityContext.NewFirebaseAuthVerifier().Verify(apiKey)
    if err != nil {
        panic("Invalid Firebase Token!!")
    }
    
    // do something...
}

func main() {
    configs := &secure_backend.SecurityContextConfigs{}
    if ctx, err := secure_backend.NewSecurityContext(configs); err != nil {
        panic(err)
    } else {
        securityContext = ctx
    }
}

Google Cloud Platform API Key validator

Validation your API Key, created by Google Cloud Platform.


var securityContext SecurityContext

func HandleHttp(w http.ResponseWriter, r *http.Request) {
    apiKey := // get Google API Key from reqeust.
    if !securityContext.NewGoogleApiKeyVerifier().Verify(apiKey) {
        panic("Invalid Google API Key!!")
    }
    
    // do something.
}

func main() {
    configs := &secure_backend.SecurityContextConfigs{}
    if ctx, err := secure_backend.NewSecurityContext(configs); err != nil {
        panic(err)
    } else {
        securityContext = ctx
    }
}

Step1. Enable ServiceControl API.

You need ServiceControl API to enable.

Step2. Deploy Swagger file to Cloud Endpoint.

Deploy your API spec to Cloud Endpoint.

If you not use OpenAPI Based API, then you can deploy mock file to Endpoint.

# Init your GCP project.
gcloud init

# deploy
cd path/to/go-secure-backend
./scripts/enable-cloud-endpoint.sh "your-gcp-project-name.appspot.com"

(Option) Step3. API Key security.

You can enable 'restrict key' mode to your API Key on GCP Console.

Go to "GCP Console > APIs & Services > Credentials > (API Key) > API restrictions > Your serviceName" e.g.) "your-gcp-project.appspot.com" API.

# Packages

No description provided by the author

# Functions

New instance.

# Structs

No description provided by the author
No description provided by the author
logger function */.
Verified JWT Data.

# Interfaces

Verifier for Firebase Auth token.
Google Cloud Platform API Key verify.
No description provided by the author